AWS Systems Manager Operational Capabilities

Effectively manage operational tasks using AWS Systems Manager

Publication date: October 12, 2021 (Document history)

With the number of growing Amazon Web Services (AWS) services, developers, DevOps leads, and system administrators should be focusing on operational integration. This whitepaper provides an overview of several capabilities of AWS Systems Manager and explains how you can effectively use this service to meet your operational needs. This paper also helps you organize and manage your AWS services or your hybrid environments (on-premises servers or virtual machines) from one central place. It covers the broad categorization of various Systems Manager offerings, and dives into details on each of the individual components within these categories.

Introduction

What is AWS Systems Manager?

AWS Systems Manager is an AWS service that you can use to view, manage, and control your infrastructure on multiple AWS services. Since its launch, Systems Manager has evolved at such a rapid pace that you can not only view and perform operational tasks but also automate operations on multiple AWS services. Systems Manager enables visibility and control of your cloud and on-premises infrastructure. It simplifies resource and application management, shortens the time to detect and resolve operational problems, and enables you to operate and manage your infrastructure securely at scale.

Who can use Systems Manager?

Systems Manager is a service designed to enable multiple roles to perform various operations on managed resources, such as Amazon Elastic Compute Cloud (Amazon EC2) instances. This service can be used by system administrators, software developers, security architects, cloud architects, and IT professionals who would like to manage AWS resources.

The capabilities of Systems Manager can be categorized into five key areas:

Operations Management
Change Management
Node Management
Application Management
Shared Resources

Systems Manager overview

Systems Manager components deep dive

The following sections discuss each of the capabilities in brief, covering a few examples for some of them. Before getting into the each of these capabilities, here are some of the Systems Manager features you should keep in mind as you highlight best practices for your business needs:

To improve your security posture, you can use Systems Manager through AWS PrivateLink. This enables you to privately access services hosted on AWS, without requiring the traffic to traverse the internet. When you create Amazon Virtual Private Cloud (VPC) endpoints for Systems Manager, you can attach AWS Identity and Access Management (IAM) resource policies that restrict user access to Systems Manager API operations, when these operations are accessed through the Amazon VPC endpoint.
Using AWS Systems Manager Quick Setup, you can enable AWS Config, and Change Manager along with Host Management.
Systems Manager offers a wide variety of integrations with other AWS services across various areas like Compute, Storage, Security, and Analytics.
Systems Manager is also available in GovCloud Regions for regulated customers to take advantage of various features that can help automatically collect software inventory, apply OS patches, create system images, and configure Microsoft Windows and Linux operating systems.
Application configuration and deployment without code deployments with AWS AppConfig and Parameter Store, a capability of Systems Manager.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Operations Management